question

NITIN-SALI avatar image
0 Votes"
NITIN-SALI asked AndyHong-8344 commented

Fetch users and groups from AAD Enterprise application...

Hello,

I want to fetch list of all users and groups who have access to AAD enterprise application using
Microsoft Graph SDK in an console application.

Can any help me with the exact code.
Please see below details which needed to be fetched programatically.

45194-que.jpg



azure-active-directoryazure-ad-app-registrationazure-ad-graph
que.jpg (78.1 KiB)
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

soumi-MSFT avatar image
2 Votes"
soumi-MSFT answered AndyHong-8344 commented

Hello @NITIN-SALI, thank you for reaching out. To list all the users and groups that are already added to a specific application registered in Azure AD, you need to use the following Microsoft Graph API: https://graph.microsoft.com/beta/servicePrincipals/{id}/appRoleAssignedTo

To use this API, make sure you have the following permissions added in your app registration using which you would make the Graph API call.
45136-permissionsapproleassignedto.png


More details about this API can be found here: https://docs.microsoft.com/en-us/graph/api/serviceprincipal-list-approleassignedto?view=graph-rest-1.0&tabs=http

Hope this helps.

Do let us know if this helps and if there are any more queries around this, please do let us know so that we can help you further. Also, please do not forget to accept the response as an Answer; if the above response helped in answering your query.



permissionsapproleassignedto.png (19.1 KiB)
· 4
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

NITIN-SALI avatar image NITIN-SALI ·

Hello,

Thanks for the quick response,
Can I get the exact source code for this, how to call this API from my application.

there is not documentation available for this.

Thanks
Nitin

0 Votes 0 ·
soumi-MSFT avatar image soumi-MSFT NITIN-SALI ·

@NITIN-SALI, For which language you want to code for?
Check the following URL:https://docs.microsoft.com/en-us/graph/api/serviceprincipal-list-approleassignedto?view=graph-rest-1.0&tabs=http#request
This URL has the code snippets for various languages listed.

Hope this helps.

Do let us know if this helps and if there are any more queries around this, please do let us know so that we can help you further. Also, please do not forget to accept the response as an Answer; if the above response helped in answering your query.


1 Vote 1 ·
soumi-MSFT avatar image soumi-MSFT NITIN-SALI ·

Hello @NITIN-SALI , just wanted to follow up with you to check if the below response helped in answering your query or not. Please do update us if there are any more queries, so around this. If not it would be great if you can accept the below response as Answer so that it helps others to visiting the forum with similar queries.

0 Votes 0 ·
AndyHong-8344 avatar image AndyHong-8344 ·

Hi there, is it possible to check the opposite?

How can I check the groups that a user is part of within the application?

I have tried using GET me/memberOf endpoint on graph API, but no avail -- it was returning a bunch of groups that I'm part of, but not the groups that I was assigned to within the application.

Thank you!

0 Votes 0 ·